The urge to prioritize compliance is understandable; after all, a breach may happen, but an audit will happen. A focus on avoiding penalties, a misunderstanding of the purpose of regulations and the tendency to meet the bare minimum requirements are all signifiers of a compliance-first approach. None of them deliver real security.
Mark Chillingworth on IT leadership
Phil Muncaster reports on China and beyond
Kathryn Cave looks at the big trends in tech